jenkins -- XSS vulnerability

Details

VuXML ID

9448a82f-6878-11e1-865f-00e0814cab4e

Discovery

2012-03-05

Entry

2012-03-07

Jenkins Security Advisory reports:

An XSS vulnerability was found in Jenkins core, which allows an
attacker to inject malicious HTMLs to pages served by Jenkins.
This allows an attacker to escalate his privileges by hijacking
sessions of other users. This vulnerability affects all
versions.